Tuesday, June 24, 2014

.....“The Machine,” an experimental piece of computing hardware that HP
executives hope will be the template upon which the future of networked
computing is built. In an interview with Ars, Sontag
explained how the core technologies of The Machine—memristor-based
memory and low-cost silicon-to-optic interfaces—will change the shape of
computing.

The Machine is a hyper-dense collection of computing hardware that could
be used in anything from a data center to a mobile device. It has
terabytes of storage and a much smaller power draw than today’s
computing devices—all because of memristor-based memory and optical
interconnects.

Saturday, June 14, 2014

I reinstalled Torque 2.5 and MAUI. After going through the setup as found in Installing Torque 2.5 on CentOS 6. But instead of using the xcat scripts, I used the scripts found in contrib folder to do the installation

The solution I found later on is that I made a mistake of starting service pbs_shed start before service pbs_server start which cause the MAXPROC in MAUI to stop functioning. When I started service pbs_server only, the MAXPROC in Maui works. strange....

Sunday, June 8, 2014

Red Hat was recently notified of a vulnerability affecting all versions of OpenSSL shipped with Red Hat products. CVE-2014-0224 could allow for a man-in-the-middle attack against an encrypted connection.
SSL/TLS connections typically allow for encrypted traffic to pass
between two parties where only the intended senders and recipients can
decrypt data. In the event of a man-in-the-middle attack, an attacker
could intercept an encrypted data stream allowing them to decrypt, view
and then manipulate said data.
The vulnerability can only be exploited if both server and client are
vulnerable to this issue. In the event that one of the two is
vulnerable, there is no risk of exploitation.
NOTE: This vulnerability cannot be used to extract server or client side
key material. This means that existing signed certificates do not need
replacement once software is updated.

Frequently Asked Questions

This FAQ is for the vulnerability CVE-2014-0224 in OpenSSL, also known as "CCS Injection"

Is this issue the same as HeartBleed?

No, this a new issue discovered in OpenSSL that could result in a
man-in-the-middle attack. See the explanation above for full details

Is this issue worse than HeartBleed?

HeartBleed allowed anyone on the internet to exploit vulnerable
servers. This issue requires an attacker to intercept and alter network
traffic in real time in order to exploit the flaw. This reduces the risk
that this vulnerability can be exploited but does not make it
impossible, updating should be a primary remediation focus regardless of
the difficulty in leveraging the exploit.

Do I need to regenerate any certificates?

No, this issue does not result in certificate or private key information leaking.

How can I tell if I'm vulnerable to this issue? Is it possible to test remotely for the presence of this issue?

How can I verify the update is working properly?

Is there a way to mitigate this issue without an update?

There is no known mitigation for this issue. The only way to fix it
is to install updated OpenSSL packages and restart affected services.

Does this issue affect other TLS libraries?

Red Hat has reviewed the NSS and GnuTLS libraries for this issue. We
have determined that these libraries are not affected by this specific
issue.

Do I need to update my OpenSSL package, even if I am not running version 1.0.1?

Red Hat suggests everyone updates their OpenSSL packages regardless of the version they are using. See above for further details

Is this issue being exploited in the wild?

At the time the issue was made public, we were not aware of any
public exploits for this issue or that it is being exploited in the
wild. We believe an exploit could be written for this issue, however
exploitation requires the attacker to intercept and alter network
traffic in real time.

When did Red Hat find out about this issue?

The OpenSSL team was notified about this issue on May 1, 2014, and
contacted Red Hat and other OS distributions on June 2, 2014. This issue
was made public on June 5, 2014.

What can an attacker actually do with this issue?

This issue could allow an attacker to conduct a man-in-the-middle
attack against a vulnerable OpenSSL client communicating with a
vulnerable OpenSSL server. The attacker could then potentially view or
modify the secured traffic. The attacker would need a way to access
network traffic between the communicating parties and alter it. This
OpenSSL issue alone does not provide such level of access to network
traffic.

Why do Red Hat's security advisories list multiple CVE IDs?

OpenSSL is fixing several issues with their latest update. Red Hat's
updates fix the issues as relevant to our various versions of OpenSSL.
This issue has been singled out as the most serious and we are providing
additional information.